Linux has a lot of security measures in place that are meant to protect your system from threats and sometimes (admittedly) our own stupidity. There are three main features that exist to limit and provide access as needed — file permissions, file ownership, and the root user account.

Although widely known as the super user account, SU actually refers to substitute user, and instructs the computer to execute commands with the privileges of another user, by default the root account. This shortcut is a powerful tool that can be very helpful when used correctly or absolutely devastating if used recklessly.

Today, we’re going to go into deeper detail about SU and why you should be responsible when using it.

Admin Accounts

All of the major operating systems have the concept of an administrator account, offering heightened privileges compared to otherwise “normal” user accounts. Normal users have access to their own files, but not other users’ files and only read-only access to system files so that they can run installed applications.

Administrators, on the other hand, can change system files, which includes installation of new or updated applications, and can (usually) see other users’ files.

Simple enough, right? Sure, the concepts are quite easy to understand, but they have further-reaching implications than just that. Administrators, who presumably know more about what they’re doing, can make more major changes to a system without it breaking or leaking sensitive data. Normal users without these permissions cannot perform these tasks, so there’s little chance that those users will break the system.

On most systems with just one user, that user is often the administrator and can do whatever they want with their computer. This is a hierarchy of one, so no third party needs to be present as administrator. However, whenever users have access to these system privileges all the time, they tend to use them blindly, simply accepting requests for admin rights without thinking it through.

The Super User Account On Linux

Linux takes a different approach to handling these administrative privileges. Instead of assigning admin rights to user accounts, Linux separates these into two different accounts: the SU account (sometimes called root) and then your normal user account. The idea is that if you need to do something that requires elevated privileges, you can use the SU command and do whatever you need to do.

At least psychologically speaking, this method forces you to realize that you’re doing something more serious to your system as it won’t let you do it without using SU.

To switch, you just need to open up a terminal and type in

su

It will then ask for the root password to grant you access. If you use sudo, you can also run

sudo bash

which will open up bash (simply another shell session in the terminal), running as root.

SU Benefits

Separating these accounts also helps with managing systems. If a system administrator needs access to the system to make changes, but they aren’t a regular user, they just need to use SU and they won’t have to make a normal user account. These accounts can have different passwords, so only people who switch with SU and know the password will get in.

It’s also a great defense mechanism against malware. If it happens to get on your system and execute, it will have the same permissions as your normal user account. It could only gain additional rights if it knew the root password. So while it could destroy your space on the system, it cannot bring down the entire system. On rare occasions, bugs are found where software could gain root access in ways that it’s not supposed to, but those bugs usually get patched up in just a couple of days.

Some distributions prefer to use sudo and then disable SU because a normal user using sudo isn’t actively using elevated privileges all the time, unlike someone using the SU command. It also tries to avoid the problem of zero-day security holes that allow unintended root access because the command is disabled to begin with. Finally, by using sudo, the malware would have to guess the user’s password before it could gain elevated privileges.

The problem with sudo, however, is the same as on other operating systems. Users with access to sudo tend to use it blindly and without much additional thought. Again, this is usually fine for systems that are only used by a single user anyway, or systems with a small number of users and an even smaller number of them with sudo access. But larger systems should probably leave sudo alone and stick with just SU and normal accounts.
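To see which of the two elevation paths described above is actually open on a system, you can check whether root's password is locked and who belongs to the groups that usually carry sudo rights. The script below is an added example, not part of the original article; the shadow and group lines are constructed sample data, and the `sudo`/`wheel` group names are an assumption based on common distribution defaults.

```shell
#!/bin/sh
# Added example: report which root-elevation paths are open on a host.
# Input is CONSTRUCTED sample data in /etc/shadow and /etc/group format.
SAMPLE_SHADOW='root:!:19000:0:99999:7:::
alice:$6$CONSTRUCTED$CONSTRUCTED:19000:0:99999:7:::
bob:$6$CONSTRUCTED$CONSTRUCTED:19000:0:99999:7:::'

SAMPLE_GROUP='root:x:0:
sudo:x:27:alice
wheel:x:10:
users:x:100:alice,bob'

# Prints "locked" when root's password field starts with ! or *, so no
# password can match and `su` to root by password fails; "empty" when the
# field is blank (passwordless account); otherwise "set".
root_password_state() {
    printf '%s\n' "$1" | awk -F: '$1 == "root" {
        if ($2 ~ /^[!*]/) print "locked"
        else if ($2 == "") print "empty"
        else print "set"
    }'
}

# Prints the members of the sudo and wheel groups, one per line, sorted.
# Assumption: sudoers grants rights through these groups (the Debian and
# Red Hat family defaults); a real audit must also read /etc/sudoers itself.
sudo_group_members() {
    printf '%s\n' "$1" | awk -F: '$1 == "sudo" || $1 == "wheel" {
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) if (m[i] != "") print m[i]
    }' | sort -u
}

# One-line summary: $1 = shadow contents, $2 = group contents.
elevation_summary() {
    members=$(sudo_group_members "$2" | paste -sd, -)
    echo "root_password=$(root_password_state "$1") sudo_users=${members:-none}"
}

elevation_summary "$SAMPLE_SHADOW" "$SAMPLE_GROUP"
```

On a real host, pass the output of `sudo cat /etc/shadow` and `cat /etc/group` to `elevation_summary` instead of the sample variables.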

Security In Mind

So, quick review: SU is great because it encourages fewer mistakes, but it’s still powerful and should only be used by the right people (depending on what system you’re using). Sudo helps bridge the gap between root and normal users, but it has its theoretical downsides. What you end up doing is up to you (that’s the beauty of Linux!), but it definitely helps you make better choices when you’re informed.

Anonymous

August 31, 2015 at 8:25 pm

Nice article except for trying to draw a correlation between the su command and the Super User by using SU (capitalized). The su command stands for "substitute user" and can be used to switch to any user, not just the root account, thus drawing this connection is inaccurate and misleading. Also, the sudo command is not derived from "su do", it's a play on the word "pseudo".